HIPAA: Requirements for intranet collaboration software

Sharing private health data over the internet can be a risky enterprise. Unfortunately, as people become accustomed to doing most if not all of their personal business online, the demand for accessing this information over the internet will grow to the point that health care providers will have no choice but to either provide access to private health information or lose their clients.

The Health Insurance Portability and Accountability Act (HIPAA) was created to ensure the confidentiality of patient information. It requires that health care providers apply stringent measures to ensure that information shared on the internet is protected from unauthorized access.

The HIPAA Act requires health-providing entities to:
Assign responsibility for security to some person or organization.
Assess security risks and determine the significant risks to the security and privacy of protected health information.
Establish a program to address physical security, personnel security, technical security controls, and security incident response and disaster recovery.
Certify the efficacy of security controls.
Develop policies, procedures and guidelines for use of personal computing devices (workstations, notebooks, handheld devices), and for ensuring mechanisms are in place that enable, restrict and terminate access (access control lists, user accounts, etc.) applicable to an individual's status and change of status or termination.
Implement access controls that may include security, context-based access, role-based access, or user-based access; audit control mechanisms, data authentication, and entity authentication.

This legislation has serious implications for organizations that permit unauthorized access resulting in a breach in confidentiality.

Safety Is Essential

Because the HIPAA law provides for both civil and criminal penalties for offenses, data and access security is of extreme importance. To ensure HIPAA compliance, online document management on company intranets and extranets should include a number of security features:

Secure web server: a host running Secure Sockets Layer (SSL) is the minimum requirement.
Encrypted database: all information must be encrypted. Software is available that can encrypt all information sent between two PCs over the net.
Secure access control: in addition to a conventional user ID and password, it is a good idea to use a strong password or smart card as extra security.
Session timeout: this ensures that confidential information isn't left on an unattended display.
Server monitoring: the secure web server has to be strictly monitored to detect break-in attempts.
Regular security audits: frequent audits are required to make certain all security precautions are working correctly.
Personnel: system maintenance needs to be in the control of qualified personnel acquainted with HIPAA requirements.
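
As an added example (not code from the original article), here is a small in-memory session store in Python that combines the session timeout, role-based access control, access termination on change of status, and audit trail items above. The class and method names and the 15-minute idle limit are assumptions chosen for illustration.

```python
import secrets
import time

IDLE_TIMEOUT_SECONDS = 15 * 60  # assumed value; the article sets no specific limit


class SessionStore:
    """Hypothetical session table: idle timeout, role checks, revocation, audit log."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT_SECONDS, clock=time.monotonic):
        self.idle_timeout = idle_timeout
        self.clock = clock          # injectable so the timeout can be tested
        self.sessions = {}          # token -> {"user", "role", "last_seen"}
        self.audit_log = []         # (timestamp, event, user, detail)

    def _audit(self, event, user, detail=""):
        self.audit_log.append((self.clock(), event, user, detail))

    def login(self, user, role):
        token = secrets.token_urlsafe(32)  # unguessable session identifier
        self.sessions[token] = {"user": user, "role": role, "last_seen": self.clock()}
        self._audit("login", user, role)
        return token

    def authorize(self, token, allowed_roles):
        """Return the user name if the session is live and its role is allowed, else None."""
        s = self.sessions.get(token)
        if s is None:
            self._audit("denied", "?", "unknown or revoked session")
            return None
        if self.clock() - s["last_seen"] > self.idle_timeout:
            del self.sessions[token]       # unattended session: force a new login
            self._audit("timeout", s["user"])
            return None
        if s["role"] not in allowed_roles:
            self._audit("denied", s["user"], "role " + s["role"])
            return None
        s["last_seen"] = self.clock()      # only permitted activity resets the idle timer
        self._audit("access", s["user"])
        return s["user"]

    def revoke_user(self, user, reason):
        """Terminate every session of a user, e.g. on change of status or termination."""
        tokens = [t for t, s in self.sessions.items() if s["user"] == user]
        for t in tokens:
            del self.sessions[t]
        self._audit("revoked", user, reason)
        return len(tokens)
```

Every decision, including denials and timeouts, lands in `audit_log`, which is the record that server monitoring and regular audits would review.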

Written by sodiart
I am the owner of Sodiart